>There is the idea that “there is no such thing as insensitive web traffic” and that the privacy of communication is absolute.
The essay seems to center on "privacy" and "hiding".
The other use for encryption is "authenticity". We want to have trust that the pixels on the desktop monitor or iPhone are actually correct. Whether a user is a city administrator looking at weather.com pixels to decide whether to shutdown schools for the day, or a grandmother looking at NYT or Yahoo pixels to check a stock price before selling, encryption helps ensure the veracity of what their eyeballs see.
Grandma doesn't care if the government or Facebook knows she read the New York Times. Someone on the subway can look over her shoulder to discover that same datapoint. On the other hand, she does need to have confidence that what she reads has not been tampered with.
One could attempt to write "data protection" protocols that send multiple hashes to verify the payload. However, if the hashes are cleartext, you're back to where you started with broken trust because the hashes can be spoofed. The necessity of encryption (without regard for hiding or privacy) appears again.
You certainly can have authenticity without encryption - just think of how Debian package downloads are authenticated with gpg. In fact this option is built into TLS - RSA/SHA with the null cipher suite.
It doesn't solve the CA problem or the cost problem (you still have the whole cost of setting up a TLS session, actually encrypting the payload is the cheap part). But it's possible.
You can verify authenticity through signatures -- no need to encrypt the full body for that. The fact that there's no (widespread) general-purpose solution to sign arbitrary traffic is IMO problematic, people apparently are fine with just paying the cost of encryption.
Encryption bundles orthogonal concerns, authenticity and confidentiality. Since there are situations confidentiality is not desired (see OP), I think we should work on making cleartext+signature easier.
Having read the entire article, I'd say that while it's good to consider the implications of encrypting all traffic (including those mentioned in the article), it's perfectly reasonable to have done so and still come to the conclusion that every single one of those implications are entirely by design features, rather than bugs.
"Lawful intercept": sure, you have the right, good luck with that. We're not going to make the Internet less secure for the benefit of government interception; if anything, we're making it more secure because of the possibility of government interception. This one is a very old argument, and easily debunked: assuming you allow any encryption at all, just having less of it doesn't make lawful interception any easier, because of course all the illicit traffic will be encrypted. The only thing it does is make encrypted traffic seem more suspicious, which isn't good for anyone.
SNI works just about everywhere these days, and it's quite safe for most services to just turn it on and write off the few systems (IE on XP, and truly ancient mobile devices) that can't cope.
People don't get used to clicking certificate warnings away because browsers have gone out of their way to make that painful, and it should be.
If you don't understand TLS, learn, or count on other people to have learned. That's no excuse for not using it.
There are many folks working on fixing the CA problem, but even without that completely fixed, SSL is still better than cleartext.
All that said, I do think the first section of the article, about unintended affordances (such as emergencies) is worth considering in other technological contexts. That point was made years ago: http://code-is-law.org/
> "Lawful intercept": sure, you have the right, good luck with that. We're not going to make the Internet less secure for the benefit of government interception; if anything, we're making it more secure because of the possibility of government interception.
Government censorship is happening if you want it or not. The main difference is now that there is a lot more collateral damage with SSL deployed.
> If you don't understand TLS, learn, or count on other people to have learned. That's no excuse for not using it.
I agree in the sense that anyone who runs a security critical website should deploy SSL and there is no excuse for not doing it. However what triggered the whole article was that more and more websites become completely impossible to use in the absence of SSL even for anonymous data access.
The author seems to be calling a lot of things effectively bugs of encryption that I see as features.
>Unfortunately, SSL prevents this. Unfortunately because it means that if a website hosts partially illegal shared content, then the whole website is down and not just the subsets of it which are legally problematic.
>But not everybody is entitled to privacy in all situations. For instance convicted criminals are not. Likewise many lawful professions need to be heavily surveyed for security.
>a pilot hid his psychological problems from his employer and intentionally caused a plane to crash.
In my view this is all valid reasons to encrypt everything. When prisoners are made such based on unjust laws, I say that anything that gives them their rights is good. Forcing a government to be very overt about its censorship of websites is good. Allowing people to hide their mental disorders in a world where a mental disorder is still seen as a moral failing is good.
Encrypting everything enforces a positive change on society. Governments have to be more open about their censorship, allowing for greater discussion. Dissidents can communicate in secret, allowing for greater freedom. Critical systems have to be built so that a single individual cannot cause a large loss of life. Groups that are required to be surveyed must directly incorporate it into their systems
As for the cost of using SSL, my understanding is that they are much overstated.
I respect the author but this doesn't read well reasoned.
Firstly CAs not being equipped to scale and the inevitable mistakes that will happen in a highly manual process. Thankfully this has already been resolved, we have DNS - if you are in control of DNS you are authenticated. This is is the system to be used in the EFF automated certificate issuing protocol.
As for CPU cycles we have Moore's law (which is still in full effect for things like SSL decryption). That and many many motivated engineers.
The next bit is where things get sour.
It seems the argument is because law enforcement has the "right" to read your traffic that anything you do to dissuade them will only result in further systematic destruction of privacy, i.e MITM attacks on SSL.
The final points around complexity do make some sense but those are against SSL, not against encryption IMO. SSL and TLS are both hugely complicated but this need not be the case.
As for my point of view.
We need encryption. Why? Because communication has changed.
Communication used to be manual and as such the attacks against it were manual and unable to be orchestrated at scale.
Government surveillance was better understood because communication was simpler so lawmakers couldn't destroy all privacy accidentally.
Now almost all communication is digital, it's become economical to simply subvert -everyones- privacy.
Lawmakers are at a loss to understand even basic computer science let alone what motivated and technically sophisticated "law enforcement" agencies can do with such massive amounts of information.
We need encryption to save privacy before it's lost forever.
> We need encryption. Why? Because communication has changed.
I never said that we don't need encryption, far form it. I said we do not need to encrypt everything and I firmly stand by that. If we do want to encrypt the entirety of the internet traffic then I believe we need to consider all the consequences this causes. That was my point, not more, not less.
> There is no technical reason for this unless you want to hide from someone that you are downloading a specific Python package which seems pointless.
"Oh, I see you're downloading this package in a slightly old version that is still vulnerable. I guess you're going to install it, which means you'll be vulnerable in the next 10 mins"
This is one of the main obstacles of things like apt-p2p or debtorrent (i.e downloading your system packages in a p2p fashion): you don't wan't to tell the whole world what are the packages on your machine.
Agreed. There is a very technical reason for wanting to encrypt downloads.
There's a political reason as well: "I see you just downloaded pycrypto - we're going to throw you on a watchlist since you obviously want to hide something". This speculation is based on past actions doing this very thing with Tor.
> The greatest impact on user's safety would have been the development of per user encryption for public Wifi access points. Instead what happened is that now every larger website has to implement SSL
Assuming that, once it's off the wifi, it's utterly unrealistic that an attacker could be anywhere else in the packet path? That -- even outside of ecommerce -- there's no way any icky ISP could be doing deep packet inspection to sell your data out for ads, or any virus on a cheap consumer-grade router interested in hijacking your profile to turn into a spambot? And assuming, moreover, that this New Technological Capability would be deployed in a consistent and timely fashion? Sure, I agree it'd be an excellent deterrent to many attacks on its own, but end-to-end encryption easily wins. (And if you're really an interesting "larger website" then you have the resources to make SSL happen.)
Of course the ISP could fiddle with your data. But likewise a post man could open your mail. That fiddling with data is not a crime is first and foremost a policy and law problem.
This article takes the position the government has the right to shut down communication it dislikes and spy on communication as it sees fit, as this is legal in some places and the author does not want to get into whether or not it should be legal.
This is a fundamental disconnect with how many people on the pro-encryption side think - the government has no right to do this, regardless of the law, and therefore we will do all we can to get in the way.
>> Cryptography is black magic.
It's maths.
>> As of recently the Python package installer downloads every package via SSL. Why? There is no technical reason for this unless you want to hide
There are multiple reasons.
One might be to ensure integrity of the file, and authenticity of the source. TLS gives you this, plaintext not so much.
Another is that the more uninteresting stuff there is getting encrypted, the better, as it means it's less noteworthy.
I think you are misrepresenting the position opposed to you. My position is like this: pro-encryption people distrust government, which is fundametally mistaken position. Government has rightful authority justified by democratic process. Policy change should be done by democratic process, not by decree from elites using technology such as encryption. Such policy-change-by-technology bypasses democratic process and is dangerous. Trust is human construct, so "trust math, not government" is position that is not only wrong, but also is confused.
Not a fan of this argument. It applies the small economic negatives w/o counting the value of the positives.
Pro: Democracy is more stable and more guaranteed
Pro: Lower level criminals are thwarted and the cost of attacks prohibit profitability of small attacks.
Pro: Increasing value of transactions are becoming possible online. No one in their right (or educated) mind would sign into a $10k+ account if their password/traffic wasnt protected.
I like this essay, not because I agree with most of its arguments, but because it raises interesting ones. What's frustrating about it, to me, is that the main thrust seems to be "There are problems with TLS, and especially using it everywhere", which is very valid.
But then the message / proposed solution is "let's just give up on TLS except for what I arbitrarily define as important". What I would have hoped for is "let's try to make it better".
Encrypting everything promotes individual agency, the freedom of an individual to communicate solely (encryption) and certainly (MAC) with whomever that individual chooses. Cryptographic protocols do not inherently cause performance or logistics complications (Resource usage, content isolation) as these are side effects of other underlying issues with the technology upon which we implement cryptography and can be fixed without compromising the security of cryptography.
The only argument against pervasive solid encryption with potential validity is external-party bypassing; where the external-party is outside the intended group of involved parties (Bob & Alice) and wishes to access or manipulate the secured communications. The most obvious situation being some external authority wishing to prevent or prosecute a crime.
Traditionally, in the US, you (and your property) have agency until a warrant, subpena, or probable cause arises. At this point, and no sooner, the acting authority suspends some part of that agency for the assumed greater good of the society and begins collecting evidence through an established process. Without this suspension of agency the authority, traditionally, cannot and should not be treating you or your property with reduced agency; the authority should not be preemptively diminishing your agency by starting that evidence collection process (compromising protections) with zero probably cause.
It is the problem and responsibility of that authority, as set out by the social contract of free agents comprising our society, to reduce agency and collect evidence AFTER probably cause arises and NOT as the default against every citizen.
This article ignores the complexity of not encrypting everything.
What is the recourse for the average Joe when his social network doesn't encrypt logins? Facebook did this for years, the average user just ignored it and logged in, no amount of training or convincing could dissuade many.
What will the user interface look like for a site that is not encrypted but verified secure? It is hard enough to get people verify the lock icon is green or gold. Many ignore and just assume that online shopping is so fraught with hackers that it cannot be done safely. This will not help that situation.
Why do we care about the cost of CPU cycles? No matter how good the encryption is a human still needs to make a decision. Settling on a simple one helps the human make it faster. CPU cycles get cheaper every year but the brain hasn't improved in thousands.
Encrypting everything is simple and can be made to work even for less technical people.
As a secondary point even if don't get simplicity isn't incorrectly setup encryption, better than none? For one example: Self signed certificates don't protect you from a man in the middle perpetrated by the government or ISP, but they will stop neighbors with packet sniffers.
If we forgo simplicity I will still encrypt what I can. Having only some protection is not the same as my protection being an illusion.
In case someone reads the cached version, I added a note about my point about Wifi after it was brought up that the attacker could be the Wifi provider itself so refresh the page.
Perhaps he should have said "Using SSL is like using antibiotics. If everyone is using it all the time, the attackers just find ways around it that are impossible to defend against and you're screwed."
Not sure I get the analogy about having gates on the subway are bad when people need to use the subway in an emergency. Like, if you have a stab wound and are taking the subway to the hospital, its better not to have to fumble around for change in your pocket and line up for a ticket? Seems like there are actually very few or no emergencies where someone needs to ride the subway for free.
Also, I'm no SSL expert, but even if the certificate is expired and the user acknowledges the error, isn't the communication still encrypted? They don't lose the encryption just because of an expired certificate do they? I honestly don't know, but I just assumed that's how it worked.
The one thing I agree with is that the trust model for SSL is opaque to most users. I have no idea who my browsers trust by default, and I have no idea who those guys trust, and even if there is a 3rd degree of trust beyond that, and so ultimately there are thousands of people around the world who could spin up an SSL certificate that my browser would trust without question. Strange system.
> Perhaps he should have said "Using SSL is like using antibiotics. If everyone is using it all the time, the attackers just find ways around it that are impossible to defend against and you're screwed."
Except no such mechanism exists. If you build proper crypto, it's secure, attackers can not simply make it insecure by wishing it were.
> Also, I'm no SSL expert, but even if the certificate is expired and the user acknowledges the error, isn't the communication still encrypted?
But it might be using a compromised key, for example. Also, one problem is people getting used to clicking "OK" on SSL warnings, which might backfire when confronted with an actual attack.
>Perhaps he should have said "Using SSL is like using antibiotics. If everyone is using it all the time, the attackers just find ways around it that are impossible to defend against and you're screwed."
Except we are dealing with intelligent actors instead of unguided evolution. They will go after those tools as long as anyone could possibly use SSL.
I want to point another thing: more and more ISPs are moving away network neutrality. Latest example: Verizon is injecting cookies into users request to be able track their activities and then sell gathered info to advertisers [1]
I don't have problems with 3-letter agencies doing what they have to do (though, I would prefer to have proper governance over data access procedures and SSL might help there too), but ISPs should not be altering your traffic. Especially if you pay for the service. SSL prevents cookies injection.
As I understand it, your argument on a technical level is basically that SSL and the CA system as-is sucks, and I think most people would agree with that. That's something that can be fixed (at least according to djb).
On a social level, I don't find any of the arguments convincing. The positives of ensuring private communication far outweigh the negatives.
So, I've upvoted the article because these are things that need to be discussed. And I don't have good answers necessarily, all I really have is a sort of counterpoint to add to the pile of confusing issues.
Consider the two-dimensional graph of difficulty of hostile interception of traffic vs. the value of hostile interception of traffic to the intercepting entity. ("Interception" including both attacking authenticity and privacy of the connection.) In the low/low side, you have, say, my blog posts. Deliberately public, of interest to pretty much nobody "official", unencrypted, unauthenticated HTTP. On the high/high side, well-encrypted inter-colo traffic between two computers owned by a bank, or perhaps an arms manufacturer.
10 years ago, this was a rich graph with lots of interesting nuances. Who even cares about the easy/easy cases? Of course the hard/hard cases justify encryption. And there's a lot of in between and useful cost/benefit analysis that could be done. I think the original article is written based on this mental conception of the landscape.
However, recently between technological advances and increased discovery about what is being done by governments (and remember, not just the US government, many have been caught doing things and many more are presumably getting away with things we still have not heard about) and a variety of corporations (and remember all this Superfish stuff and such predates the mandatory encryption!) has revealed that the previously-rich 2D landscape really isn't 2D after. It turns out that there is no "difficulty" dimension. It's all very easy to intercept, at scale, if not downright trivial. Governments hoover (both the vacuum and as in J. Edgar) up entire fiber optic trunks. Companies and spyware get a footprint on a machine and basically nuke all SSL flat for thousands of machines or entire major corporations at a time.
In the other dimension, it has become pretty clear that even "trivial metadata" allows far more information to be exposed about someone than any but a handful of computer scientists would have believed 10 years ago [1]. Everything has a great deal more value than we thought.
The net effect of all of this is that it collapses the entire previously-two-dimensional landscape to a nearly a single point. Everything is trivial to collect, and everything leaks a shocking amount of information, and information is power.
Consequently, regardless of the fact that both answers suck in their own way, we really only have one choice: Require encryption, or not. There's no middle ground anymore. We used to have one, but it's collapsed away.
And, frankly, acknowledging everything in the original article and with the amplification that there's probably even some stuff missing that could be added, I'm pretty sure that in the end, there's still only one reasonable choice, which is the direction we're currently headed in. Yeah, it sucks. But a root cause analysis of the problem isn't that it's the encryption's fault... it's the companies, spyware, and government that have put in so very, very much effort into collapsing this landscape. Blame them for the measures we have to take to protect everybody.
Though, even as you do so, bear in mind that in the rich, complex ecosystem of the Internet, parasites are ultimately inevitable, so it's also no use pretending that if we just fix the current companies and governments we could somehow change the problems. The only answer is that, yeah, we have to rewrite how the "laws of physics" of this ecosystem work. The only other alternative is the overproliferation of parasites and a resulting value collapse of the ecosystem to humanity as it becomes too untrustworthy to use for a variety of things we'd really like to use it for. (That is, I'm not claiming that the Internet would become entirely useless, but we'd really like to be able to use it for important things, not just Buzzfeed and cat videos.)
This is a really interesting argument you've advanced. The chart you describe is illustrative and the changes wrought on it certainly disturbing.
Unfortunately, I think you have over-simplified a complex issue to a dichotomy (encrypt everything or nothing) that is perhaps more confusing than helpful.
Encryption is a broad and diverse subject, as well as a field of expertise (not mine). I doubt parties in the debate have axioms that align here as there are so many interpretations and levels of detail to disagree about. Put more clearly I don't think any three people reading this would agree on what you mean by encryption in your post.
If you instead said "protect" "everything" / all traffic / all data/ all browsing /... , and gave some details as to the threats you are concerned about, it might strengthen the argument you are making.
EG : "protect" the "names of sites I visit" from sousveillance ... "protect" the "integrity of software packages I download" from "evilgrade" attacks ... protect "the pseudo-anonymity" of "journalists posting to social networks" from "state sponsored malware injection" ... and so on. Encryption techniques could be (are) used against all of these problems, but in different ways.
There is a lot to discuss and try to understand in these issues. Thank you for contributing positively to the discussion ( and I hope I am as well).
Nice bit of assuming the government's self-granted permissions are "rights" and then hand wringing they can't access them, there. I find myself unconvinced.
[+] [-] jasode|11 years ago|reply
The essay seems to center on "privacy" and "hiding".
The other use for encryption is "authenticity". We want to have trust that the pixels on the desktop monitor or iPhone are actually correct. Whether a user is a city administrator looking at weather.com pixels to decide whether to shutdown schools for the day, or a grandmother looking at NYT or Yahoo pixels to check a stock price before selling, encryption helps ensure the veracity of what their eyeballs see.
Grandma doesn't care if the government or Facebook knows she read the New York Times. Someone on the subway can look over her shoulder to discover that same datapoint. On the other hand, she does need to have confidence that what she reads has not been tampered with.
One could attempt to write "data protection" protocols that send multiple hashes to verify the payload. However, if the hashes are cleartext, you're back to where you started with broken trust because the hashes can be spoofed. The necessity of encryption (without regard for hiding or privacy) appears again.
[+] [-] red_admiral|11 years ago|reply
It doesn't solve the CA problem or the cost problem (you still have the whole cost of setting up a TLS session, actually encrypting the payload is the cheap part). But it's possible.
[+] [-] untitaker_|11 years ago|reply
[+] [-] sanxiyn|11 years ago|reply
[+] [-] dogma1138|11 years ago|reply
[+] [-] JoshTriplett|11 years ago|reply
"Lawful intercept": sure, you have the right, good luck with that. We're not going to make the Internet less secure for the benefit of government interception; if anything, we're making it more secure because of the possibility of government interception. This one is a very old argument, and easily debunked: assuming you allow any encryption at all, just having less of it doesn't make lawful interception any easier, because of course all the illicit traffic will be encrypted. The only thing it does is make encrypted traffic seem more suspicious, which isn't good for anyone.
SNI works just about everywhere these days, and it's quite safe for most services to just turn it on and write off the few systems (IE on XP, and truly ancient mobile devices) that can't cope.
People don't get used to clicking certificate warnings away because browsers have gone out of their way to make that painful, and it should be.
If you don't understand TLS, learn, or count on other people to have learned. That's no excuse for not using it.
There are many folks working on fixing the CA problem, but even without that completely fixed, SSL is still better than cleartext.
All that said, I do think the first section of the article, about unintended affordances (such as emergencies) is worth considering in other technological contexts. That point was made years ago: http://code-is-law.org/
[+] [-] the_mitsuhiko|11 years ago|reply
Government censorship is happening if you want it or not. The main difference is now that there is a lot more collateral damage with SSL deployed.
> If you don't understand TLS, learn, or count on other people to have learned. That's no excuse for not using it.
I agree in the sense that anyone who runs a security critical website should deploy SSL and there is no excuse for not doing it. However what triggered the whole article was that more and more websites become completely impossible to use in the absence of SSL even for anonymous data access.
[+] [-] Lawtonfogle|11 years ago|reply
>Unfortunately, SSL prevents this. Unfortunately because it means that if a website hosts partially illegal shared content, then the whole website is down and not just the subsets of it which are legally problematic.
>But not everybody is entitled to privacy in all situations. For instance convicted criminals are not. Likewise many lawful professions need to be heavily surveyed for security.
>a pilot hid his psychological problems from his employer and intentionally caused a plane to crash.
In my view this is all valid reasons to encrypt everything. When prisoners are made such based on unjust laws, I say that anything that gives them their rights is good. Forcing a government to be very overt about its censorship of websites is good. Allowing people to hide their mental disorders in a world where a mental disorder is still seen as a moral failing is good.
Encrypting everything enforces a positive change on society. Governments have to be more open about their censorship, allowing for greater discussion. Dissidents can communicate in secret, allowing for greater freedom. Critical systems have to be built so that a single individual cannot cause a large loss of life. Groups that are required to be surveyed must directly incorporate it into their systems
As for the cost of using SSL, my understanding is that they are much overstated.
[+] [-] jpgvm|11 years ago|reply
I respect the author but this doesn't read well reasoned.
Firstly CAs not being equipped to scale and the inevitable mistakes that will happen in a highly manual process. Thankfully this has already been resolved, we have DNS - if you are in control of DNS you are authenticated. This is is the system to be used in the EFF automated certificate issuing protocol.
As for CPU cycles we have Moore's law (which is still in full effect for things like SSL decryption). That and many many motivated engineers.
The next bit is where things get sour.
It seems the argument is because law enforcement has the "right" to read your traffic that anything you do to dissuade them will only result in further systematic destruction of privacy, i.e MITM attacks on SSL.
The final points around complexity do make some sense but those are against SSL, not against encryption IMO. SSL and TLS are both hugely complicated but this need not be the case.
As for my point of view.
We need encryption. Why? Because communication has changed.
Communication used to be manual and as such the attacks against it were manual and unable to be orchestrated at scale. Government surveillance was better understood because communication was simpler so lawmakers couldn't destroy all privacy accidentally.
Now almost all communication is digital, it's become economical to simply subvert -everyones- privacy. Lawmakers are at a loss to understand even basic computer science let alone what motivated and technically sophisticated "law enforcement" agencies can do with such massive amounts of information.
We need encryption to save privacy before it's lost forever.
[+] [-] the_mitsuhiko|11 years ago|reply
I never said that we don't need encryption, far form it. I said we do not need to encrypt everything and I firmly stand by that. If we do want to encrypt the entirety of the internet traffic then I believe we need to consider all the consequences this causes. That was my point, not more, not less.
[+] [-] rakoo|11 years ago|reply
"Oh, I see you're downloading this package in a slightly old version that is still vulnerable. I guess you're going to install it, which means you'll be vulnerable in the next 10 mins"
This is one of the main obstacles of things like apt-p2p or debtorrent (i.e downloading your system packages in a p2p fashion): you don't wan't to tell the whole world what are the packages on your machine.
[+] [-] falcolas|11 years ago|reply
There's a political reason as well: "I see you just downloaded pycrypto - we're going to throw you on a watchlist since you obviously want to hide something". This speculation is based on past actions doing this very thing with Tor.
[+] [-] fennecfoxen|11 years ago|reply
Assuming that, once it's off the wifi, it's utterly unrealistic that an attacker could be anywhere else in the packet path? That -- even outside of ecommerce -- there's no way any icky ISP could be doing deep packet inspection to sell your data out for ads, or any virus on a cheap consumer-grade router interested in hijacking your profile to turn into a spambot? And assuming, moreover, that this New Technological Capability would be deployed in a consistent and timely fashion? Sure, I agree it'd be an excellent deterrent to many attacks on its own, but end-to-end encryption easily wins. (And if you're really an interesting "larger website" then you have the resources to make SSL happen.)
[+] [-] the_mitsuhiko|11 years ago|reply
[+] [-] Nursie|11 years ago|reply
This is a fundamental disconnect with how many people on the pro-encryption side think - the government has no right to do this, regardless of the law, and therefore we will do all we can to get in the way.
>> Cryptography is black magic.
It's maths.
>> As of recently the Python package installer downloads every package via SSL. Why? There is no technical reason for this unless you want to hide
There are multiple reasons.
One might be to ensure integrity of the file, and authenticity of the source. TLS gives you this, plaintext not so much.
Another is that the more uninteresting stuff there is getting encrypted, the better, as it means it's less noteworthy.
[+] [-] sanxiyn|11 years ago|reply
[+] [-] maerF0x0|11 years ago|reply
Pro: Democracy is more stable and more guaranteed Pro: Lower level criminals are thwarted and the cost of attacks prohibit profitability of small attacks. Pro: Increasing value of transactions are becoming possible online. No one in their right (or educated) mind would sign into a $10k+ account if their password/traffic wasnt protected.
[+] [-] icehawk|11 years ago|reply
sslsniff was released over a decade ago.
[+] [-] the_mitsuhiko|11 years ago|reply
[+] [-] makmanalp|11 years ago|reply
But then the message / proposed solution is "let's just give up on TLS except for what I arbitrarily define as important". What I would have hoped for is "let's try to make it better".
[+] [-] Zmetta|11 years ago|reply
The only argument against pervasive solid encryption with potential validity is external-party bypassing; where the external-party is outside the intended group of involved parties (Bob & Alice) and wishes to access or manipulate the secured communications. The most obvious situation being some external authority wishing to prevent or prosecute a crime.
Traditionally, in the US, you (and your property) have agency until a warrant, subpena, or probable cause arises. At this point, and no sooner, the acting authority suspends some part of that agency for the assumed greater good of the society and begins collecting evidence through an established process. Without this suspension of agency the authority, traditionally, cannot and should not be treating you or your property with reduced agency; the authority should not be preemptively diminishing your agency by starting that evidence collection process (compromising protections) with zero probably cause.
It is the problem and responsibility of that authority, as set out by the social contract of free agents comprising our society, to reduce agency and collect evidence AFTER probably cause arises and NOT as the default against every citizen.
[+] [-] sqeaky|11 years ago|reply
What is the recourse for the average Joe when his social network doesn't encrypt logins? Facebook did this for years, the average user just ignored it and logged in, no amount of training or convincing could dissuade many.
What will the user interface look like for a site that is not encrypted but verified secure? It is hard enough to get people verify the lock icon is green or gold. Many ignore and just assume that online shopping is so fraught with hackers that it cannot be done safely. This will not help that situation.
Why do we care about the cost of CPU cycles? No matter how good the encryption is a human still needs to make a decision. Settling on a simple one helps the human make it faster. CPU cycles get cheaper every year but the brain hasn't improved in thousands.
Encrypting everything is simple and can be made to work even for less technical people.
[+] [-] sqeaky|11 years ago|reply
If we forgo simplicity I will still encrypt what I can. Having only some protection is not the same as my protection being an illusion.
[+] [-] im3w1l|11 years ago|reply
[+] [-] the_mitsuhiko|11 years ago|reply
[+] [-] unreal37|11 years ago|reply
Perhaps he should have said "Using SSL is like using antibiotics. If everyone is using it all the time, the attackers just find ways around it that are impossible to defend against and you're screwed."
Not sure I get the analogy about having gates on the subway are bad when people need to use the subway in an emergency. Like, if you have a stab wound and are taking the subway to the hospital, its better not to have to fumble around for change in your pocket and line up for a ticket? Seems like there are actually very few or no emergencies where someone needs to ride the subway for free.
Also, I'm no SSL expert, but even if the certificate is expired and the user acknowledges the error, isn't the communication still encrypted? They don't lose the encryption just because of an expired certificate do they? I honestly don't know, but I just assumed that's how it worked.
The one thing I agree with is that the trust model for SSL is opaque to most users. I have no idea who my browsers trust by default, and I have no idea who those guys trust, and even if there is a 3rd degree of trust beyond that, and so ultimately there are thousands of people around the world who could spin up an SSL certificate that my browser would trust without question. Strange system.
[+] [-] zAy0LfpBZLC8mAC|11 years ago|reply
Except no such mechanism exists. If you build proper crypto, it's secure, attackers can not simply make it insecure by wishing it were.
> Also, I'm no SSL expert, but even if the certificate is expired and the user acknowledges the error, isn't the communication still encrypted?
But it might be using a compromised key, for example. Also, one problem is people getting used to clicking "OK" on SSL warnings, which might backfire when confronted with an actual attack.
[+] [-] Lawtonfogle|11 years ago|reply
Except we are dealing with intelligent actors instead of unguided evolution. They will go after those tools as long as anyone could possibly use SSL.
[+] [-] sgdread|11 years ago|reply
[1] https://www.eff.org/deeplinks/2014/11/verizon-x-uidh
[+] [-] the_mitsuhiko|11 years ago|reply
[+] [-] krig|11 years ago|reply
On a social level, I don't find any of the arguments convincing. The positives of ensuring private communication far outweigh the negatives.
[+] [-] jerf|11 years ago|reply
Consider the two-dimensional graph of difficulty of hostile interception of traffic vs. the value of hostile interception of traffic to the intercepting entity. ("Interception" including both attacking authenticity and privacy of the connection.) In the low/low side, you have, say, my blog posts. Deliberately public, of interest to pretty much nobody "official", unencrypted, unauthenticated HTTP. On the high/high side, well-encrypted inter-colo traffic between two computers owned by a bank, or perhaps an arms manufacturer.
10 years ago, this was a rich graph with lots of interesting nuances. Who even cares about the easy/easy cases? Of course the hard/hard cases justify encryption. And there's a lot of in between and useful cost/benefit analysis that could be done. I think the original article is written based on this mental conception of the landscape.
However, recently between technological advances and increased discovery about what is being done by governments (and remember, not just the US government, many have been caught doing things and many more are presumably getting away with things we still have not heard about) and a variety of corporations (and remember all this Superfish stuff and such predates the mandatory encryption!) has revealed that the previously-rich 2D landscape really isn't 2D after. It turns out that there is no "difficulty" dimension. It's all very easy to intercept, at scale, if not downright trivial. Governments hoover (both the vacuum and as in J. Edgar) up entire fiber optic trunks. Companies and spyware get a footprint on a machine and basically nuke all SSL flat for thousands of machines or entire major corporations at a time.
In the other dimension, it has become pretty clear that even "trivial metadata" allows far more information to be exposed about someone than any but a handful of computer scientists would have believed 10 years ago [1]. Everything has a great deal more value than we thought.
The net effect of all of this is that it collapses the entire previously-two-dimensional landscape to a nearly a single point. Everything is trivial to collect, and everything leaks a shocking amount of information, and information is power.
Consequently, regardless of the fact that both answers suck in their own way, we really only have one choice: Require encryption, or not. There's no middle ground anymore. We used to have one, but it's collapsed away.
And, frankly, acknowledging everything in the original article and with the amplification that there's probably even some stuff missing that could be added, I'm pretty sure that in the end, there's still only one reasonable choice, which is the direction we're currently headed in. Yeah, it sucks. But a root cause analysis of the problem isn't that it's the encryption's fault... it's the companies, spyware, and government that have put in so very, very much effort into collapsing this landscape. Blame them for the measures we have to take to protect everybody.
Though, even as you do so, bear in mind that in the rich, complex ecosystem of the Internet, parasites are ultimately inevitable, so it's also no use pretending that if we just fix the current companies and governments we could somehow change the problems. The only answer is that, yeah, we have to rewrite how the "laws of physics" of this ecosystem work. The only other alternative is the overproliferation of parasites and a resulting value collapse of the ecosystem to humanity as it becomes too untrustworthy to use for a variety of things we'd really like to use it for. (That is, I'm not claiming that the Internet would become entirely useless, but we'd really like to be able to use it for important things, not just Buzzfeed and cat videos.)
[1]: http://33bits.org/about/
[+] [-] adricnet|11 years ago|reply
Unfortunately, I think you have over-simplified a complex issue to a dichotomy (encrypt everything or nothing) that is perhaps more confusing than helpful.
Encryption is a broad and diverse subject, as well as a field of expertise (not mine). I doubt parties in the debate have axioms that align here as there are so many interpretations and levels of detail to disagree about. Put more clearly I don't think any three people reading this would agree on what you mean by encryption in your post.
If you instead said "protect" "everything" / all traffic / all data/ all browsing /... , and gave some details as to the threats you are concerned about, it might strengthen the argument you are making.
EG : "protect" the "names of sites I visit" from sousveillance ... "protect" the "integrity of software packages I download" from "evilgrade" attacks ... protect "the pseudo-anonymity" of "journalists posting to social networks" from "state sponsored malware injection" ... and so on. Encryption techniques could be (are) used against all of these problems, but in different ways.
There is a lot to discuss and try to understand in these issues. Thank you for contributing positively to the discussion ( and I hope I am as well).
[+] [-] thomashabets2|11 years ago|reply
And no, it's not "the same thing" if China forced baidu to do it directly, or if they made CNNIC forge an SSL cert.
[+] [-] JulianMorrison|11 years ago|reply